More than 10,000 financial institutions (FIs) are currently participating in open banking initiatives worldwide. But as it turns out, approximately 49 percent of banking customers do not trust that their personal data will be kept secure. In the latest Preventing Financial Crimes Playbook, John Elliott, head of open banking at wealth management group Investec, discusses how FIs can protect customer data by ensuring that the data rests only in the hands of the bank and not unsecured third-party providers.
More than 10,000 financial institutions (FIs) around the world are implementing or exploring open banking, an emerging trend in the financial industry that allows banks and FinTechs to freely share their data, encouraging collaboration and the development of new customer-facing services.
Introducing open banking principles has not been without friction, however, with banks and consumers concerned over how this sea change will affect FIs’ daily operations.
“When open banking was first started, there was this fear that it was going to be the disaggregation of banks — that banks are going to be pure commodity players — and who would wish to be a banker in this brave new world?” said John Elliott, head of open banking at banking and wealth management group Investec. “But the reality is that all of those prophets of doom haven’t come to pass. What we are seeing [is] continual innovation in terms of services and offerings for corporates and for individuals that are being built utilizing open banking rails.”
Some of these innovations include improved data gathering capabilities and heightened protection against financial crime. Banks are swimming against the current when it comes to customer trust, though.
Open Banking’s Data Benefits
One of the biggest changes set to occur with the advent of open banking is how it will change the way banks harvest data, Elliott said in an interview with PYMNTS. FIs traditionally have only had access to the data that customers provided them, such as withdrawals, deposits, salaries and any loans they opened with the banks. Open banking opens up an abundance of actionable data, however.
“You can do better credit scoring now, for example, because you can see all [banks’] transactions with all of their clients,” he said. “You can start to do things like seeing how much [clients] pay in rent every month and infer information about their credit capability, even if they have no credit score.”
This data is obviously useful for banks developing targeted offerings for their customers, but it has a host of additional uses. Some businesses are using it to promote better financial practices, according to Elliott.
“Last year, I met four or five different businesses that are looking at utilizing open banking data to improve data collection efficiency, but not just the parts around how you collect your money, but also the curative parts,” he said. “[They were exploring] how to educate people better [about] managing and spending money and bring them back into the financial system as good payers.”
All of this valuable data needs to stay out of the hands of fraudsters and other bad actors, of course. Open banking’s nature fortunately provides superior data security to traditional banking models.
Open Banking Prevents Data Exposure
Open banking can substantially increase the security of customers’ personal information. An Amazon customer typically makes payments using payment card data that the customer’s bank already has on file, for example, resulting in the same set of valuable information located in two places, both of which could be compromised in a data breach. Open banking could allow Amazon to interface with the customer’s bank directly for payment processing, keeping the exchange of sensitive information to a minimum.
“In this new context, if you’re buying something online and you need to authorize a payment, your banking app is going [to] ping … you, and it’s going to ask if you would like to approve a payment,” Elliott said. “We go to you on the secure channel that we own with you, maybe with a biometric authentication, so we know that you are who you say you are.”
The merchant’s connection with the bank is also kept secure through government-provided credentials, ensuring that fraudsters are unable to infiltrate. The U.K.’s open banking system maintains a list of credentialed third-party providers (TPPs) that are allowed to access bank accounts through open application programming interfaces (APIs), for example.
“Amazon, for example, presents their credential to us as a TPP,” Elliott explained. “In the U.K., they have to be registered with the open banking directory, and they’ve gone through a [verification] process in order to be there.”
These security measures could go a long way toward building trust in open banking systems, but this trust is currently at very low levels.
Countering a Lack of Trust in Open Banking
Approximately 49 percent of consumers do not trust open banking systems to keep their personal data safe, according to a study, with 54 percent expressing concern that their data will be exploited by bad actors. Building up this trust will be essential if banks want their customers to make full use of the programs open banking can offer.
“The biggest challenge to open banking in the short to medium term is going to be consumer acceptance,” Elliott noted. “It’s still easier to use a card, and in some ways, it is safer because you hold the chargeback. If you don’t like a transaction, you can always reject it, and you don’t hold the liability for it.”
This perception of open banking is gradually changing, especially among younger generations. Forty-eight percent of Generation Z consumers and 39 percent of millennials see value in open banking as opposed to less than 23 percent of older consumers. There is still a long way to go before universal acceptance, but the foundations have already been put in place.